• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2022-1228
2022-05-03
N/A
4.8 MEDIUM
The Opensea WordPress plugin before 1.0.3 does not sanitize and escape some of its settings, like its "Referer address" field, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
CVE-2022-1227
2022-07-23
N/A
8.8 HIGH
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service.
CVE-2022-1225
2022-04-11
N/A
6.5 MEDIUM
Incorrect Privilege Assignment in GitHub repository phpipam/phpipam prior to 1.4.6.
CVE-2022-1224
2022-04-11
N/A
6.5 MEDIUM
Improper Authorization in GitHub repository phpipam/phpipam prior to 1.4.6.
CVE-2022-1223
2022-04-11
N/A
6.5 MEDIUM
Improper Access Control in GitHub repository phpipam/phpipam prior to 1.4.6.
CVE-2022-1222
2022-04-11
N/A
5.5 MEDIUM
Inf loop in GitHub repository gpac/gpac prior to 2.1.0-DEV.
CVE-2022-1221
2022-05-28
N/A
6.1 MEDIUM
The Gwyn's Imagemap Selector WordPress plugin through 0.3.3 does not sanitise and escape some parameters before outputting them back in attributes, leading to a Reflected Cross-Site Scripting.
CVE-2022-1220
2022-07-15
N/A
6.1 MEDIUM
The FoxyShop WordPress plugin before 4.8.2 does not sanitise and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting
CVE-2022-1219
2022-04-13
N/A
7.5 HIGH
SQL injection in RecyclebinController.php in GitHub repository pimcore/pimcore prior to 10.3.5. This vulnerability is capable of steal the data
CVE-2022-1218
2022-05-28
N/A
6.1 MEDIUM
The Domain Replace WordPress plugin through 1.3.8 does not sanitise and escape a parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting
« Previous 1 … 10,977 10,978 10,979 10,980 10,981 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE